From f305e703d51079a17bcfc15d54f4c5f591dcff56 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 23 Apr 2024 11:09:40 +0200 Subject: [PATCH] Require Libgcrypt 1.11.0 * configure.ac (NEED_LIBGCRYPT_VERSION): Set to 1.11.0 * agent/pkdecrypt.c (struct ecc_params): Move constants to the top. -- It does not make anymore sense to allow building with older Libgcrypt versions. After all PQ key support is a major feature and for this we need Libgcrypt. --- agent/pkdecrypt.c | 129 +++++++++++++++++++++++++--------------------- common/kem.c | 5 +- configure.ac | 2 +- 3 files changed, 71 insertions(+), 65 deletions(-) diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c index a72b5d2d5..10bd92152 100644 --- a/agent/pkdecrypt.c +++ b/agent/pkdecrypt.c 
@@ -29,6 +29,75 @@ #include "agent.h" #include "../common/openpgpdefs.h" + +/* Table with parameters for KEM decryption. Use get_ecc_parms to + * find an entry. */ +struct ecc_params +{ + const char *curve; /* Canonical name of the curve. */ + size_t pubkey_len; /* Pubkey in the SEXP representation. */ + size_t scalar_len; + size_t point_len; + size_t shared_len; + int hash_algo; + int algo; + int scalar_reverse; +}; + +static const struct ecc_params ecc_table[] = + { + { + "Curve25519", + 33, 32, 32, 32, + GCRY_MD_SHA3_256, GCRY_KEM_RAW_X25519, + 1 + }, + { + "X448", + 56, 56, 56, 64, + GCRY_MD_SHA3_512, GCRY_KEM_RAW_X448, + 0 + }, + { + "brainpoolP256r1", + 65, 32, 65, 32, + GCRY_MD_SHA3_256, GCRY_KEM_RAW_BP256, + 0 + }, + { + "brainpoolP384r1", + 97, 48, 97, 64, + GCRY_MD_SHA3_512, GCRY_KEM_RAW_BP384, + 0 + }, + { NULL, 0, 0, 0, 0, 0, 0, 0 } +}; + + +/* Maximum buffer sizes required for ECC KEM. Keep this aligned to + * the ecc_table above. */ +#define ECC_SCALAR_LEN_MAX 64 +#define ECC_POINT_LEN_MAX (1+2*64) +#define ECC_HASH_LEN_MAX 64 + + + +/* Return the ECC parameters for CURVE. CURVE is expected to be the + * canonical name. */ +static const struct ecc_params * +get_ecc_params (const char *curve) +{ + int i; + + for (i = 0; ecc_table[i].curve; i++) + if (!strcmp (ecc_table[i].curve, curve)) + return &ecc_table[i]; + + return NULL; +} + + + /* DECRYPT the stuff in ciphertext which is expected to be a S-Exp. Try to get the key from CTRL and write the decoded stuff back to OUTFP. The padding information is stored at R_PADDING with -1 
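Review bot: Nothing enforces the "Keep this aligned to the ecc_table above" comment on ECC_SCALAR_LEN_MAX, ECC_POINT_LEN_MAX and ECC_HASH_LEN_MAX, so a later table entry with a larger scalar_len or point_len would compile cleanly and could exceed whatever buffers are sized from these macros. Those buffers are outside this hunk, so the overflow risk is inferred from the comment rather than seen. Because the macros now precede get_ecc_params, the lookup can fail closed by adding, before `return &ecc_table[i];`, a guard such as `if (ecc_table[i].scalar_len > ECC_SCALAR_LEN_MAX || ecc_table[i].point_len > ECC_POINT_LEN_MAX) return NULL;`. Separately, the table comment names `get_ecc_parms` while the function is `get_ecc_params`. Only curve and pubkey_len carry field comments; scalar_len, point_len, shared_len, hash_algo, algo and scalar_reverse would benefit from one line each stating the unit (bytes) and what scalar_reverse toggles.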
@@ -173,62 +242,6 @@ reverse_buffer (unsigned char *buffer, unsigned int length) } } -struct ecc_params -{ - const char *curve; - size_t pubkey_len; /* Pubkey in the SEXP representation. */ - size_t scalar_len; - size_t point_len; - size_t shared_len; - int hash_algo; - int algo; - int scalar_reverse; -}; - -static const struct ecc_params ecc_table[] = - { - { - "Curve25519", - 33, 32, 32, 32, - GCRY_MD_SHA3_256, GCRY_KEM_RAW_X25519, - 1 - }, - { - "X448", - 56, 56, 56, 64, - GCRY_MD_SHA3_512, GCRY_KEM_RAW_X448, - 0 - }, - { - "brainpoolP256r1", - 65, 32, 65, 32, - GCRY_MD_SHA3_256, GCRY_KEM_RAW_BP256, - 0 - }, - { - "brainpoolP384r1", - 97, 48, 97, 64, - GCRY_MD_SHA3_512, GCRY_KEM_RAW_BP384, - 0 - }, - { NULL, 0, 0, 0, 0, 0, 0, 0 } -}; - -static const struct ecc_params * -get_ecc_params (const char *curve) -{ - int i; - - for (i = 0; ecc_table[i].curve; i++) - if (!strcmp (ecc_table[i].curve, curve)) - return &ecc_table[i]; - - return NULL; -} - -#define ECC_SCALAR_LEN_MAX 64 -#define ECC_POINT_LEN_MAX (1+2*64) -#define ECC_HASH_LEN_MAX 64 /* For composite PGP KEM (ECC+ML-KEM), decrypt CIPHERTEXT using KEM API. First keygrip is for ECC, second keygrip is for PQC. CIPHERTEXT @@ -247,7 +260,6 @@ static gpg_error_t composite_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text, gcry_sexp_t s_cipher, membuf_t *outbuf) { -#if GCRYPT_VERSION_NUMBER >= 0x010b00 gcry_sexp_t s_skey0 = NULL; gcry_sexp_t s_skey1 = NULL; unsigned char *shadow_info = NULL; @@ -579,9 +591,6 @@ composite_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text, gcry_sexp_release (s_skey0); gcry_sexp_release (s_skey1); return err; -#else - return gpg_error (GPG_ERR_NOT_IMPLEMENTED); -#endif } /* DECRYPT the encrypted stuff (like encrypted session key) in diff --git a/common/kem.c b/common/kem.c index 7227898d1..0e498d37e 100644 --- a/common/kem.c +++ b/common/kem.c 
@@ -54,7 +54,6 @@ compute_kmac256 (void *digest, size_t digestlen, const void *custom, size_t customlen, gcry_buffer_t *data_iov, int data_iovlen) { -#if GCRYPT_VERSION_NUMBER >= 0x010b00 gpg_error_t err; gcry_buffer_t iov[20]; const unsigned char headPAD[2] = { 1, KECCAK512_BLOCKSIZE }; @@ -142,11 +141,9 @@ compute_kmac256 (void *digest, size_t digestlen, err = gcry_md_hash_buffers_ext (GCRY_MD_CSHAKE256, 0, digest, digestlen, iov, iovcnt); return err; -#else - return gpg_error (GPG_ERR_NOT_IMPLEMENTED); -#endif } + /* Compute KEK (shared secret) for ECC with HASHALGO, ECDH result, ciphertext in ECC_CT, public key in ECC_PK. */ gpg_error_t diff --git a/configure.ac b/configure.ac index 0dfbe6193..1f0142140 100644 --- a/configure.ac +++ b/configure.ac @@ -58,7 +58,7 @@ AC_DEFINE_UNQUOTED(GNUPG_SWDB_TAG, "gnupg26", [swdb tag for this branch]) NEED_GPGRT_VERSION=1.46 NEED_LIBGCRYPT_API=1 -NEED_LIBGCRYPT_VERSION=1.9.1 +NEED_LIBGCRYPT_VERSION=1.11.0 NEED_LIBASSUAN_API=3 NEED_LIBASSUAN_VERSION=3.0.0